CVE-2021-38443

Summary

Eclipse CycloneDDS versions prior to 0.8.0 improperly handle invalid structures, which may allow an attacker to write arbitrary values in the XML parser.

Affected Software

VendorProductVersion RangeStatus
EclipseCycloneDDSunspecified < 0.8.0affected

Weaknesses

  • CWE-228: CWE-228 Improper Handling of Syntactically Invalid Structure

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References